Lucene search
K

2709 matches found

NVD
NVD
added 5 days ago10 views

CVE-2026-59734

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, Coolify's app/Jobs/ApplicationDeploymentJob.php generatehealthcheckcommands function directly interpolated the healthcheckhost, healthcheckmethod, and healthcheckpath...

8.8CVSS0.00417EPSS
Exploits1References4
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-42657

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, Coolify's app/Jobs/ApplicationDeploymentJob.php generatehealthcheckcommands function directly interpolated the healthcheckhost, healthcheckmethod, and healthcheckpath...

8.8CVSS6.2AI score0.00417EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-59734

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, Coolify's app/Jobs/ApplicationDeploymentJob.php generatehealthcheckcommands function directly interpolated the healthcheckhost, healthcheckmethod, and healthcheckpath...

8.8CVSS6.2AI score0.00417EPSS
Exploits1References5Affected Software1
CVE
CVE
added 6 days ago25 views

CVE-2026-55433

Coder: Devcontainer recreate endpoint lacked ActionUpdate authorization, allowing read-only workspace roles to trigger destructive rebuilds. Affected versions prior to 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusted by the endpoint; fix adds ActionUpdate check before dialing the agent, mirroring the d...

5.4CVSS6AI score0.00394EPSS
Exploits0References6Affected Software1
OSV
OSV
added 6 days ago7 views

CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...

5.4CVSS6AI score0.00394EPSS
Exploits0References8
Cvelist
Cvelist
added 6 days ago38 views

CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...

5.4CVSS0.00394EPSS
Exploits0References6
OSV
OSV
added last week8 views

GO-2026-5922 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder

Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder...

5.4CVSS5.9AI score0.00394EPSS
Exploits0References2
OSV
OSV
added last week4 views

PYSEC-2026-2003 vantage6 has insecure SSH configuration for node and server containers

Impact Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. We will probably opt to...

6.5CVSS7.2AI score0.00466EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 2:58 a.m.3 views

CVE-2026-34058 Coolify: OS Command Injection via Unmanaged Container Operations - Remote Code Execution

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the Livewire component Server\Resources exposes public methods startUnmanaged, stopUnmanaged, restartUnmanaged that accept a container ID parameter directly from the browse...

8.8CVSS6.2AI score0.00352EPSS
Exploits0References6
Fedora
Fedora
added 2026/07/07 1:10 a.m.10 views

[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.2-1.fc43

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

9.1CVSS6.8AI score0.00651EPSS
Exploits1
Fedora
Fedora
added 2026/07/07 12:51 a.m.15 views

[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.2-1.fc44

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

9.1CVSS6.8AI score0.00651EPSS
Exploits1
OSV
OSV
added 2026/07/06 9:9 p.m.3 views

GHSA-JQJ2-X4C5-JFXM Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers

Summary The devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, performed no ActionUpdate check before triggering the destructive rebuild. Note: Exploitation requires an existing low-privilege role with...

5.4CVSS6AI score0.00394EPSS
Exploits0References3
Fedora
Fedora
added 2026/07/04 1:7 a.m.7 views

[SECURITY] Fedora 43 Update: buildah-1.43.2-1.fc43

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

5.9AI score
Exploits0
Fedora
Fedora
added 2026/07/03 1:9 a.m.9 views

[SECURITY] Fedora 43 Update: apptainer-1.5.2-1.fc43

Apptainer provides functionality to make portable containers that can be used across host environments...

7.5CVSS5.7AI score0.00939EPSS
Exploits0
Fedora
Fedora
added 2026/07/03 12:56 a.m.7 views

[SECURITY] Fedora 44 Update: apptainer-1.5.2-1.fc44

Apptainer provides functionality to make portable containers that can be used across host environments...

7.5CVSS5.7AI score0.00939EPSS
Exploits0
OSV
OSV
added 2026/07/01 8:57 p.m.5 views

GHSA-VX8H-4PRV-G744 Rancher has Privilege Escalation from Project Owner to Host

Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 6:20 p.m.18 views

EUVD-2026-36102

Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation...

9.9CVSS5.8AI score0.0029EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 10:20 a.m.8 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.18 shipped with IBM Business Automation Workflow containers June 2026

Summary IBM Business Automation Workflow containers include IBM Cloud Pak foundational services. IBM Business Automation Workflow containers June 2026 security fixes update this dependency beyond 4.18 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: run...

9.8CVSS7.2AI score0.01945EPSS
Exploits4Affected Software2
Fedora
Fedora
added 2026/06/29 1:11 a.m.10 views

[SECURITY] Fedora 43 Update: prometheus-podman-exporter-1.21.1-1.fc43

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
Fedora
Fedora
added 2026/06/29 12:58 a.m.6 views

[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
Rows per page
Query Builder